I am trying to get SSL working on ActiveMQ but keep running into the error:
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
I am running the ActiveMQ server on its own (which I believe is Jetty) rather than on Tomcat as it is the only instance we require.
I have a signed intermediary certificate (I believe generated by openssl) which I have imported into a keystore using:
keytool -import -trustcacerts -alias trustserver -file trustserver.crt
I have repeated this for each of the available certificates and set the SSL_OPTS to the locaton of the keystore and given it the password. I did try this with the catted file (having cleared the existing keystore).
Having gotten rid of the keystore, I have also tried to convert the key into a pkcs12 using:
openssl pkcs12 -export -in mycert.crt -inkey mykey.key -out mycert.p12 -name tomcat - CAfile myCA.crt -caname root -chain
though changing the paths to my .crts and having catted the certificates into one file (barring the sighed version). and the keytool import to import the catted file and the signed certificate.
However I get the same response from the server and the STOMP+SSL connection that I am trying to start responds failed to enable crypto and is unable to connect.
I would be grateful for any help in solving this as it has been some while since I last installed SSL on a Java server.